1. Field of the Invention
The present invention relates to a system that allows a license for a digital content and so forth to be securely transmitted and transferred under an offline environment.
2. Description of the Related Art
Nowadays, the Internet and computers are becoming popularized and advanced. Besides program files, network sales of music data files and video data files and so forth are started. However, since these files are electronic data, once they are downloaded, they can be easily copied. Thus, their copyrights and related rights will be easily infringed. To solve such a problem, it is desired to accomplish a system for distributing and managing licenses for these electronic files.
The technologies that have been disclosed for solving such a problem have the following disadvantages.
Once copyrighted electronic data is distributed between users, the transmission side has no means for controlling the access for the copyrighted electronic data.
Distribution of NDA Document between Companies
Even if an electronic document is distributed to a particular person of a company who has contracted for NDA (Non Disclosure Agreement), there is a possibility of which the electronic document is copied and/or printed and distributed to other people who have not contracted for the NDA.
Distribution of Material-Under-Review in Company
When a material under review is distributed to only a concerned group, the material will be copied and/or printed. As a result, the material will be distributed to other members. Thus, there is a possibility of which the information will be leaked out to the outside of the company.
Thus, it is necessary to provide a function that allows the creator of electronic data to affect his or her will to affect the access control after the electronic data has been transmitted.
In prior art, as countermeasures against such a problem, a dedicated data transferring system as shown in FIG. 1 is used.
FIG. 1 is a schematic diagram showing the structure of the conventional dedicated data transferring system for managing licenses.
In FIG. 1, a PC (Personal Computer: user terminal unit) of a content transmission side of a content uses a dedicated data transferring client unit so as to perform a transferring process for the content to be transferred. The PC transmits the processed content to a dedicated server corresponding to a secret protection transferring system. A PC of another user (user 1) that receives the content has a dedicated client unit. The PC of the user 1 receives the content from the dedicated server corresponding to the dedicated secret protection transferring system. After the PC performs the transferring process for the received content, the content is stored in a local hard disk or the like so that the user 1 can reference the received content.
When the user 1 tries to transfer the content to another user 2, the user 1 transfers the content to the dedicated server corresponding to the dedicated secret protection transferring system uses a transfer processing function of the dedicated client unit. The user 2 downloads the content from the dedicated server to a dedicated client unit corresponding to the dedicated secret protection transferring system.
The system shown in FIG. 1 has the following problems.
1) When electronic data is transferred, the dedicated client units should be used. Thus, electronic data should be transmitted corresponding to the specifications of the dedicated client units (for example, electronic data cannot be transmitted and received using application programs of the users.)
In addition, when electronic data is transmitted, the dedicated server should be used. Thus, for example, to allow electronic data to be transmitted to and received from users who are the same number of the conventional e-mail users, it is necessary to dispose the same number of dedicated servers as mail servers. However, it is not practical.
2) Since the access control is limited to the PCs, a user cannot store the received electronic data to a portable record medium and reference the electronic data with another PC.
3) The referencing function of electronic data is not protected at all. Thus, electronic data can be easily retrieved from a memory or a swap area. Consequently, it cannot be said that the system is suitable for transmitting important confidential data.
In addition, when a license for a pay content is transferred between users, it was pointed out that the following problems will take place.
Although services for distributing pay contents through the Internet, cellular phone networks (including PHS (Personal Handy-phone System) network), and so forth have been started. In such services, the user should buy a license of a pay content through such a service. Thus, the user cannot transfer the license that he or she bought to another user unless the content and the license are illegally copied. As a result, the license distribution channels on the networks are very limited. From a view point of a seller of a pay content, it is inevitable to lose the following opportunities.                A user cannot transfer his or hear license for a pay content to another user.                    When a user buys a license for a pay content as a trial, he or she cannot have his or her acquaintances use the pay content (if they are satisfied with the pay content, they will buy it).                        
So far, solutions against such problems have not been considered. In other words, in conventional services, contents are illegally copied. Thus, such problems disturbed the distribution of pay contents on networks.
Multicast of Pay Contents
In a conventional pay content multicasting system, the content transmission side and the content reception side share a unique secret key of the content reception side. The content transmission side transmits a license and a content in such a manner that the license has been encrypted by the secret key and that the content has been encrypted by the license. The content transmission side stores the unique secret key of the content reception in a TRM (Tamper Resistant Module) area of an IC card or the like and supplies the IC card or the like to the user. Thus, the user cannot extract the secret key from the IC card or the like.
The content transmission side places an encrypted license for the content reception side to the encrypted content and transmits the resultant data to the content reception side.
FIG. 2 is a schematic diagram showing a mechanism of a conventional pay content multicasting system.
The transmission side scrambles a content with a scramble key and uses the scrambled content as an encrypted content. In addition, the transmission side encrypts the scramble key with a license. The transmission side encrypts the license with secret keys 1, 2, . . . , and n and obtains encrypted licenses 1, 2, . . . , n, respectively. The transmission side transmits as transmission data the encrypted content, encrypted scramble key, and the encrypted licenses 1 to n. The transmission side multi-casts the transmission data through the Internet or a satellite broadcast using a broadcast satellite (BS) or a communication satellite (CS).
A receiving unit has a built-in IC card. Using the IC card, the receiving unit decrypts the received encrypted license i with the secret key i, obtains the license, decrypts the received encrypted scramble key with the obtained license, and obtains the scramble key. Thereafter, the receiving unit descrambles the received encrypted content with the scramble key and obtains the content.
However, the system using the IC card has the following problems.
1) It is inconvenient for the user to hold the IC card.
Unless the user contract with the transmission side to issue the IC card and he or she uses it with the receiving unit, it cannot receive a broadcast. In addition, the user should have IC cards corresponding to contracted distributors (broadcasting stations and so forth) (because each IC card stores a secret key shared by the corresponding distributor). Thus, it is very inconvenient for the user.
2) Problem about compatibility (the case of which an IC card is not used)
When an IC card stores a secret key, if the specifications of IC cards of the distributors are standardized), one receiving unit can receive transmission data from a plurality of distributors (although IC cards corresponding to the number of distributors are required).
When no IC card is used, a secret key is shared by the receiving unit and the transmission side. Thus, it is impractical to receive contents from a plurality of distributors with one receiving unit.